Filtered by vendor Redhat
Subscribe
Total
486 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-5741 | 2 Golang, Redhat | 3 Go, Enterprise Linux, Openstack | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields. | |||||
| CVE-2014-8089 | 3 Fedoraproject, Redhat, Zend | 3 Fedora, Enterprise Linux, Zend Framework | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands via a null byte. | |||||
| CVE-2011-2897 | 3 Debian, Gnome, Redhat | 3 Debian Linux, Gdk-pixbuf, Enterprise Linux | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw | |||||
| CVE-2019-16942 | 6 Debian, Fasterxml, Fedoraproject and 3 more | 29 Debian Linux, Jackson-databind, Fedora and 26 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling. | |||||
| CVE-2019-20445 | 6 Apache, Canonical, Debian and 3 more | 8 Spark, Ubuntu Linux, Debian Linux and 5 more | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. | |||||
| CVE-2019-14896 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP. | |||||
| CVE-2020-1693 | 1 Redhat | 1 Spacewalk | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server. | |||||
| CVE-2019-14859 | 2 Python-ecdsa Project, Redhat | 4 Python-ecdsa, Ceph Storage, Openstack and 1 more | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable signature to create false transactions. | |||||
| CVE-2019-19012 | 4 Debian, Fedoraproject, Oniguruma Project and 1 more | 4 Debian Linux, Fedora, Oniguruma and 1 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression. | |||||
| CVE-2019-17631 | 2 Eclipse, Redhat | 7 Openj9, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks. | |||||
| CVE-2019-16943 | 6 Debian, Fasterxml, Fedoraproject and 3 more | 27 Debian Linux, Jackson-databind, Fedora and 24 more | 2023-12-10 | 6.8 MEDIUM | 9.8 CRITICAL |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling. | |||||
| CVE-2019-14842 | 1 Redhat | 1 Libnbd | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the request did not work because of signed/unsigned confusion. If one of these chunks contains a negative offset then data under control of the server is written to memory before the read buffer supplied by the client. If the read buffer is located on the stack then this allows the stack return address from nbd_pread() to be trivially modified, allowing arbitrary code execution under the control of the server. If the buffer is located on the heap then other memory objects before the buffer can be overwritten, which again would usually lead to arbitrary code execution. | |||||
| CVE-2014-4967 | 1 Redhat | 1 Ansible | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with (1) a trailing " src=" clause, (2) a trailing " temp=" clause, or (3) a trailing " validate=" clause accompanied by a shell command. | |||||
| CVE-2011-3923 | 2 Apache, Redhat | 2 Struts, Jboss Enterprise Web Server | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands. | |||||
| CVE-2014-3700 | 1 Redhat | 2 Edeploy, Jboss Enterprise Web Server | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data | |||||
| CVE-2019-17267 | 5 Debian, Fasterxml, Netapp and 2 more | 13 Debian Linux, Jackson-databind, Active Iq Unified Manager and 10 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. | |||||
| CVE-2019-10202 | 1 Redhat | 2 Enterprise Linux, Jboss Enterprise Application Platform | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist approach that will mitigate these vulnerabilities and future ones alike. | |||||
| CVE-2019-19334 | 3 Cesnet, Fedoraproject, Redhat | 3 Libyang, Fedora, Enterprise Linux | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution. | |||||
| CVE-2019-14906 | 2 Libsdl, Redhat | 2 Simple Directmedia Layer, Enterprise Linux | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affects Red Hat SDL packages, SDL versions through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow flaw while copying an existing surface into a new optimized one, due to a lack of validation while loading a BMP image, is possible. An application that uses SDL to parse untrusted input files may be vulnerable to this flaw, which could allow an attacker to make the application crash or execute code. | |||||
| CVE-2019-14837 | 1 Redhat | 2 Keycloak, Single Sign-on | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| A flaw was found in keycloack before version 8.0.0. The owner of 'placeholder.org' domain can setup mail server on this domain and knowing only name of a client can reset password and then log in. For example, for client name 'test' the email address will be 'service-account-test@placeholder.org'. | |||||